Vulnerabilities > CVE-2006-6213 - Remote File Include vulnerability in PEGames
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
index.php in PEGames uses the extract function to overwrite critical variables, which allows remote attackers to conduct PHP remote file inclusion attacks via the abs_url parameter, which is later extracted to overwrite a previously uncontrolled value.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | PEGames (index.php) Remote File Include Vulnerability. CVE-2006-6213. Webapps exploit for php platform |
file | exploits/php/webapps/2840.txt |
id | EDB-ID:2840 |
last seen | 2016-01-31 |
modified | 2006-11-23 |
platform | php |
port | |
published | 2006-11-23 |
reporter | DeltahackingTEAM |
source | https://www.exploit-db.com/download/2840/ |
title | PEGames index.php Remote File Include Vulnerability |
type | webapps |